Not strictly true. Although the set of client vars won't expire on the server there is no reason why you can't delete the id and token on the client by using the code that I posted on my last post. In fact Tod almost had it right initially - just didn't use local vars (2 extra lines of code)
-----Original Message----- From: Tyler Clendenin [mailto:[EMAIL PROTECTED]] Sent: 21 March 2002 17:17 To: CF-Talk Subject: Re: Client variable security (Re: The trouble with cookies ...) By the nature of sessions they cannot be ended like that. You must require that the user log out if they don't want that to happen. ----- Original Message ----- From: "Todd" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, March 21, 2002 11:35 AM Subject: Client variable security (Re: The trouble with cookies ...) > Maybe I should explain what I am trying to do a little more. > > I have an application that uses client variables to track sessions and > provide security. If a user loggs out, everything is fine. If a user is > idle for more than an hour, everything is fine. If a user closes their > browser and someone comes along behind them and opens a broswer and goes to > the same place, the session is still active and they don't have to log in. > What I need is a way to end the seeion when the browser is closed. > > Todd > > ----- Original Message ----- > From: "Russel Madere" <[EMAIL PROTECTED]> > To: "CF-Talk" <[EMAIL PROTECTED]> > Sent: Thursday, March 21, 2002 11:08 AM > Subject: RE: The trouble with cookies ... > > > > Try adding the expires="NOW" attribute to the call. > > > > <cfcookie name="cfid" value="#cookie.cfid#" expires="NOW"> > > > > Russel > > > > > -----Original Message----- > > > From: Todd [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, March 21, 2002 9:58 AM > > > To: CF-Talk > > > Subject: Fw: The trouble with cookies ... > > > > > > > > > Is that I can't get them to expire when the browser is closed. > > > > > > I've got this code: > > > > > > <cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")> > > > <cfcookie name="cfid" value="#cookie.cfid#"> > > > <cfcookie name="cftoken" value="#cookie.cftoken#"> > > > </cfif> > > > > > > but it doesn't seem to do anything. I close my browser, open it back > up, > > > and am still able to read the cookies. > > > > > > Any suggestions? > > > > > > Todd > > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
